server/tests/api/users.ts

   1 /* tslint:disable:no-unused-expression */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 const expect = chai.expect
   6
   7 import {
   8   ServerInfo,
   9   flushTests,
  10   runServer,
  11   login,
  12   uploadVideo,
  13   makeFriends,
  14   quitFriends,
  15   getVideosList,
  16   rateVideo,
  17   getUserVideoRating,
  18   removeVideo,
  19   makePutBodyRequest,
  20   createUser,
  21   loginAndGetAccessToken,
  22   getMyUserInformation,
  23   getUsersList,
  24   getUsersListPaginationAndSort,
  25   updateUser,
  26   updateMyUser,
  27   registerUser,
  28   removeUser,
  29   killallServers,
  30   getUserInformation,
  31   getBlacklistedVideosList
  32 } from '../utils'
  33 import { UserRole } from '../../../shared'
  34
  35 describe('Test users', function () {
  36   let server: ServerInfo
  37   let accessToken: string
  38   let accessTokenUser: string
  39   let videoId: number
  40   let userId: number
  41
  42   before(async function () {
  43     this.timeout(120000)
  44
  45     await flushTests()
  46     server = await runServer(1)
  47   })
  48
  49   it('Should create a new client')
  50
  51   it('Should return the first client')
  52
  53   it('Should remove the last client')
  54
  55   it('Should not login with an invalid client id', async function () {
  56     const client = { id: 'client', secret: server.client.secret }
  57     const res = await login(server.url, client, server.user, 400)
  58
  59     expect(res.body.error).to.equal('invalid_client')
  60   })
  61
  62   it('Should not login with an invalid client secret', async function () {
  63     const client = { id: server.client.id, secret: 'coucou' }
  64     const res = await login(server.url, client, server.user, 400)
  65
  66     expect(res.body.error).to.equal('invalid_client')
  67   })
  68
  69   it('Should not login with an invalid username', async function () {
  70     const user = { username: 'captain crochet', password: server.user.password }
  71     const res = await login(server.url, server.client, user, 400)
  72
  73     expect(res.body.error).to.equal('invalid_grant')
  74   })
  75
  76   it('Should not login with an invalid password', async function () {
  77     const user = { username: server.user.username, password: 'mew_three' }
  78     const res = await login(server.url, server.client, user, 400)
  79
  80     expect(res.body.error).to.equal('invalid_grant')
  81   })
  82
  83   it('Should not be able to upload a video', async function () {
  84     accessToken = 'my_super_token'
  85
  86     const videoAttributes = {}
  87     await uploadVideo(server.url, accessToken, videoAttributes, 401)
  88   })
  89
  90   it('Should not be able to make friends', async function () {
  91     accessToken = 'my_super_token'
  92     await makeFriends(server.url, accessToken, 401)
  93   })
  94
  95   it('Should not be able to quit friends', async function () {
  96     accessToken = 'my_super_token'
  97     await quitFriends(server.url, accessToken, 401)
  98   })
  99
 100   it('Should be able to login', async function () {
 101     const res = await login(server.url, server.client, server.user, 200)
 102
 103     accessToken = res.body.access_token
 104   })
 105
 106   it('Should upload the video with the correct token', async function () {
 107     const videoAttributes = {}
 108     await uploadVideo(server.url, accessToken, videoAttributes, 204)
 109     const res = await getVideosList(server.url)
 110     const video = res.body.data[0]
 111
 112     expect(video.author).to.equal('root')
 113     videoId = video.id
 114   })
 115
 116   it('Should upload the video again with the correct token', async function () {
 117     const videoAttributes = {}
 118     await uploadVideo(server.url, accessToken, videoAttributes, 204)
 119   })
 120
 121   it('Should retrieve a video rating', async function () {
 122     await rateVideo(server.url, accessToken, videoId, 'like')
 123     const res = await getUserVideoRating(server.url, accessToken, videoId)
 124     const rating = res.body
 125
 126     expect(rating.videoId).to.equal(videoId)
 127     expect(rating.rating).to.equal('like')
 128   })
 129
 130   it('Should not be able to remove the video with an incorrect token', async function () {
 131     await removeVideo(server.url, 'bad_token', videoId, 401)
 132   })
 133
 134   it('Should not be able to remove the video with the token of another account')
 135
 136   it('Should be able to remove the video with the correct token', async function () {
 137     await removeVideo(server.url, accessToken, videoId)
 138   })
 139
 140   it('Should logout (revoke token)')
 141
 142   it('Should not be able to get the user information')
 143
 144   it('Should not be able to upload a video')
 145
 146   it('Should not be able to remove a video')
 147
 148   it('Should not be able to rate a video', async function () {
 149     const path = '/api/v1/videos/'
 150     const data = {
 151       rating: 'likes'
 152     }
 153
 154     const options = {
 155       url: server.url,
 156       path: path + videoId,
 157       token: 'wrong token',
 158       fields: data,
 159       statusCodeExpected: 401
 160     }
 161     await makePutBodyRequest(options)
 162   })
 163
 164   it('Should be able to login again')
 165
 166   it('Should have an expired access token')
 167
 168   it('Should refresh the token')
 169
 170   it('Should be able to upload a video again')
 171
 172   it('Should be able to create a new user', async function () {
 173     await createUser(server.url, accessToken, 'user_1', 'super password', 2 * 1024 * 1024)
 174   })
 175
 176   it('Should be able to login with this user', async function () {
 177     server.user = {
 178       username: 'user_1',
 179       password: 'super password'
 180     }
 181
 182     accessTokenUser = await loginAndGetAccessToken(server)
 183   })
 184
 185   it('Should be able to get the user information', async function () {
 186     const res = await getMyUserInformation(server.url, accessTokenUser)
 187     const user = res.body
 188
 189     expect(user.username).to.equal('user_1')
 190     expect(user.email).to.equal('user_1@example.com')
 191     expect(user.displayNSFW).to.be.false
 192     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 193     expect(user.roleLabel).to.equal('User')
 194     expect(user.id).to.be.a('number')
 195   })
 196
 197   it('Should be able to upload a video with this user', async function () {
 198     this.timeout(5000)
 199
 200     const videoAttributes = {}
 201     await uploadVideo(server.url, accessTokenUser, videoAttributes)
 202   })
 203
 204   it('Should list all the users', async function () {
 205     const res = await getUsersList(server.url)
 206     const result = res.body
 207     const total = result.total
 208     const users = result.data
 209
 210     expect(total).to.equal(2)
 211     expect(users).to.be.an('array')
 212     expect(users.length).to.equal(2)
 213
 214     const user = users[0]
 215     expect(user.username).to.equal('user_1')
 216     expect(user.email).to.equal('user_1@example.com')
 217     expect(user.displayNSFW).to.be.false
 218
 219     const rootUser = users[1]
 220     expect(rootUser.username).to.equal('root')
 221     expect(rootUser.email).to.equal('admin1@example.com')
 222     expect(rootUser.displayNSFW).to.be.false
 223
 224     userId = user.id
 225   })
 226
 227   it('Should list only the first user by username asc', async function () {
 228     const res = await getUsersListPaginationAndSort(server.url, 0, 1, 'username')
 229
 230     const result = res.body
 231     const total = result.total
 232     const users = result.data
 233
 234     expect(total).to.equal(2)
 235     expect(users.length).to.equal(1)
 236
 237     const user = users[0]
 238     expect(user.username).to.equal('root')
 239     expect(user.email).to.equal('admin1@example.com')
 240     expect(user.roleLabel).to.equal('Administrator')
 241     expect(user.displayNSFW).to.be.false
 242   })
 243
 244   it('Should list only the first user by username desc', async function () {
 245     const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-username')
 246     const result = res.body
 247     const total = result.total
 248     const users = result.data
 249
 250     expect(total).to.equal(2)
 251     expect(users.length).to.equal(1)
 252
 253     const user = users[0]
 254     expect(user.username).to.equal('user_1')
 255     expect(user.email).to.equal('user_1@example.com')
 256     expect(user.displayNSFW).to.be.false
 257   })
 258
 259   it('Should list only the second user by createdAt desc', async function () {
 260     const res = await getUsersListPaginationAndSort(server.url, 0, 1, '-createdAt')
 261     const result = res.body
 262     const total = result.total
 263     const users = result.data
 264
 265     expect(total).to.equal(2)
 266     expect(users.length).to.equal(1)
 267
 268     const user = users[0]
 269     expect(user.username).to.equal('user_1')
 270     expect(user.email).to.equal('user_1@example.com')
 271     expect(user.displayNSFW).to.be.false
 272   })
 273
 274   it('Should list all the users by createdAt asc', async function () {
 275     const res = await getUsersListPaginationAndSort(server.url, 0, 2, 'createdAt')
 276     const result = res.body
 277     const total = result.total
 278     const users = result.data
 279
 280     expect(total).to.equal(2)
 281     expect(users.length).to.equal(2)
 282
 283     expect(users[0].username).to.equal('root')
 284     expect(users[0].email).to.equal('admin1@example.com')
 285     expect(users[0].displayNSFW).to.be.false
 286
 287     expect(users[1].username).to.equal('user_1')
 288     expect(users[1].email).to.equal('user_1@example.com')
 289     expect(users[1].displayNSFW).to.be.false
 290   })
 291
 292   it('Should update my password', async function () {
 293     await updateMyUser(server.url, accessTokenUser, 'new password')
 294     server.user.password = 'new password'
 295
 296     await login(server.url, server.client, server.user, 200)
 297   })
 298
 299   it('Should be able to change the NSFW display attribute', async function () {
 300     await updateMyUser(server.url, accessTokenUser, undefined, true)
 301
 302     const res = await getMyUserInformation(server.url, accessTokenUser)
 303     const user = res.body
 304
 305     expect(user.username).to.equal('user_1')
 306     expect(user.email).to.equal('user_1@example.com')
 307     expect(user.displayNSFW).to.be.ok
 308     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 309     expect(user.id).to.be.a('number')
 310   })
 311
 312   it('Should be able to change the email display attribute', async function () {
 313     await updateMyUser(server.url, accessTokenUser, undefined, undefined, 'updated@example.com')
 314
 315     const res = await getMyUserInformation(server.url, accessTokenUser)
 316     const user = res.body
 317
 318     expect(user.username).to.equal('user_1')
 319     expect(user.email).to.equal('updated@example.com')
 320     expect(user.displayNSFW).to.be.ok
 321     expect(user.videoQuota).to.equal(2 * 1024 * 1024)
 322     expect(user.id).to.be.a('number')
 323   })
 324
 325   it('Should be able to update another user', async function () {
 326     await updateUser(server.url, userId, accessToken, 'updated2@example.com', 42, UserRole.MODERATOR)
 327
 328     const res = await getUserInformation(server.url, accessToken, userId)
 329     const user = res.body
 330
 331     expect(user.username).to.equal('user_1')
 332     expect(user.email).to.equal('updated2@example.com')
 333     expect(user.displayNSFW).to.be.ok
 334     expect(user.videoQuota).to.equal(42)
 335     expect(user.roleLabel).to.equal('Moderator')
 336     expect(user.id).to.be.a('number')
 337   })
 338
 339   it('Should not be able to delete a user by a moderator', async function () {
 340     await removeUser(server.url, 2, accessTokenUser, 403)
 341   })
 342
 343   it('Should be able to list video blacklist by a moderator', async function () {
 344     await getBlacklistedVideosList(server.url, accessTokenUser)
 345   })
 346
 347   it('Should be able to remove this user', async function () {
 348     await removeUser(server.url, userId, accessToken)
 349   })
 350
 351   it('Should not be able to login with this user', async function () {
 352     // server.user is already set to user 1
 353     await login(server.url, server.client, server.user, 400)
 354   })
 355
 356   it('Should not have videos of this user', async function () {
 357     const res = await getVideosList(server.url)
 358
 359     expect(res.body.total).to.equal(1)
 360
 361     const video = res.body.data[0]
 362     expect(video.author).to.equal('root')
 363   })
 364
 365   it('Should register a new user', async function () {
 366     await registerUser(server.url, 'user_15', 'my super password')
 367   })
 368
 369   it('Should be able to login with this registered user', async function () {
 370     server.user = {
 371       username: 'user_15',
 372       password: 'my super password'
 373     }
 374
 375     accessToken = await loginAndGetAccessToken(server)
 376   })
 377
 378   it('Should have the correct video quota', async function () {
 379     const res = await getMyUserInformation(server.url, accessToken)
 380     const user = res.body
 381
 382     expect(user.videoQuota).to.equal(5 * 1024 * 1024)
 383   })
 384
 385   after(async function () {
 386     killallServers([ server ])
 387
 388     // Keep the logs if the test failed
 389     if (this['ok']) {
 390       await flushTests()
 391     }
 392   })
 393 })